nix/hosts/lapis/configuration.nix (view raw)
1{ self, config, pkgs, theme, ... }:
2
3{
4 imports =
5 [
6 ./hardware-configuration.nix
7 ];
8
9 boot.loader.systemd-boot.enable = true;
10 boot.loader.efi.canTouchEfiVariables = true;
11 boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
12
13 networking = {
14 nameservers = [ "1.1.1.1" "1.0.0.1" ];
15 wireless = {
16 enable = true;
17 interfaces = [ "wlan0" ];
18 environmentFile = "/home/icy/secrets/wireless.env";
19 networks = {
20 Sanic.psk = "@PSK_SANI@";
21 Gopalan.psk = "@PSK_GOPA@";
22 "GoSpaze 2" = {
23 psk = "@PSK_GOSP@";
24 };
25 };
26 extraConfig = ''
27 ctrl_interface=/run/wpa_supplicant
28 ctrl_interface_group=wheel
29 '';
30 };
31 # dhcpcd.enable = true;
32 hostName = "lapis";
33 useDHCP = false;
34 interfaces.wlan0.useDHCP = true;
35 };
36
37 i18n.defaultLocale = "en_US.UTF-8";
38 time.timeZone = "Asia/Kolkata";
39
40 nixpkgs.config = {
41 allowUnfree = true;
42 st = {
43 conf = builtins.readFile ../../programs/st/config.h;
44 extraLibs = with pkgs; [ harfbuzz ];
45 patches = [
46 ../../patches/st/xres.diff
47 ../../patches/st/bright.diff
48 ../../patches/st/ligatures.diff
49 ];
50 };
51 };
52
53 nixpkgs.overlays = with self.overlays; [
54 nvim-nightly
55 prompt
56 ];
57
58 environment.systemPackages = with pkgs; [
59 cwm
60 man-pages
61 git
62 man-pages-posix
63 (lib.hiPrio pkgs.bashInteractive_5)
64 ];
65
66 documentation = {
67 dev.enable = true;
68 man.generateCaches = true;
69 };
70
71 users.motd = with config; ''
72 Host ${networking.hostName}
73 OS NixOS ${system.nixos.release} (${system.nixos.codeName})
74 Version ${system.nixos.version}
75 Kernel ${boot.kernelPackages.kernel.version}
76 '';
77
78 console = {
79 font = "Lat2-Terminus16";
80 keyMap = "us";
81 };
82
83 sound.enable = true;
84 hardware = {
85 pulseaudio.enable = true;
86 bluetooth = {
87 enable = true;
88 powerOnBoot = true;
89 };
90 };
91
92 services = {
93 xserver = {
94 enable = true;
95 layout = "us";
96 displayManager.startx.enable = true;
97 libinput.enable = true;
98 };
99 tailscale.enable = true;
100
101 # 1. chmod for rootless backligh1t
102 # 2. lotus58 bootloader mode for rootless qmk flashing
103 udev = {
104 extraRules = ''
105 ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
106 ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
107 '';
108 path = [
109 pkgs.coreutils
110 ];
111 };
112 };
113
114 virtualisation.docker = {
115 enable = true;
116 logDriver = "json-file";
117 };
118
119 security = {
120 doas.enable = true;
121 sudo.enable = true;
122 doas.extraConfig = ''
123 permit nopass :wheel
124 '';
125 doas.extraRules = [{
126 users = [ "icy" ];
127 }];
128 pki.certificateFiles = [ "/home/icy/.local/share/caddy/pki/authorities/local/root.crt" ];
129 };
130
131
132 users.users.icy = {
133 isNormalUser = true;
134 extraGroups = [ "wheel" "docker" "audio" "video" "dialout" ];
135 };
136
137 nix = {
138 package = pkgs.nixFlakes;
139 extraOptions = ''
140 experimental-features = nix-command flakes ca-derivations
141 warn-dirty = false
142 keep-outputs = false
143 '';
144 settings = {
145 trusted-users = [
146 "root"
147 "icy"
148 ];
149 };
150 };
151
152
153 # This value determines the NixOS release from which the default
154 # settings for stateful data, like file locations and database versions
155 # on your system were taken. It‘s perfectly fine and recommended to leave
156 # this value at the release version of the first install of this system.
157 # Before changing this value read the documentation for this option
158 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
159 system.stateVersion = "21.11"; # Did you read the comment?
160
161}
162